Forrest Taylor wrote:
I have a user that has a category different than the default. When I
log in to the GUI or via ssh, the category is set. However, when I
login to the text console, the category is not set. Is this a bug in
login or do I have unreasonable expectations?
# semanage translation -l
s0:c1 admin1
# semanage login -l
student user_u admin1
Through ssh/GUI:
$ id -Z
user_u:system_r:unconfined_t:admin1
Through text console:
$ id -Z
system_u:system_r:unconfined_t:SystemLow-SystemHigh
Now that I write this, I notice that the user and role have changed as
well. I also notice this in the audit log:
type=USER_ROLE_CHANGE msg=audit(1184777815.107:4063): user pid=5517
uid=0 auid=500 subj=system_u:system_r:local_login_t:s0-s0:c0.c1023
msg='pam: default-context=user_u:system_r:unconfined_t:s0:c1 selected-
context=?: exe="/bin/login" (hostname=?, addr=?, terminal=tty1
res=success)'
This is running on RHEL 5.0.0 targeted policy. Any clues?
Thanks,
Forrest
------------------------------------------------------------------------
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
This looks like a bug.
But a lot of fixes were added for 5.1 for MLS policy and this might have
been one of them. Since this is pretty fundamental to mls.
A prerelease of the mls packages is available at
http://people.redhat.com/sgrubb/files/lspp/
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
